Jump to content


Photo
- - - - -

WinRAR archive has a password on it


  • Please log in to reply
3 replies to this topic

#1 0verture1010001

0verture1010001

    Will I break 10 posts?

  • Members
  • 4 posts

Posted 07 June 2008 - 02:38 AM

The file I downloaded has a filename of "09.doc" - the website said that if the file doesn't play in a media player then I should try opening it with WinRAR. Since it didn't play in a media player, I opened it with WinRAR and sure enough it's an archived file. Unfortunately it has a password on it. I tried this program that supposedly could crack it, but it is telling me it can't even open the file to begin with. The program I tried is called RAR Password Recovery. Any helpful advice here?

#2 jabzor

jabzor

    hax?

  • Agents of the Revolution
  • 1,146 posts
  • Country:
  • Gender:Male
  • Location:Northern Elbonia, fighting the lefties

Posted 07 June 2008 - 05:48 AM

http://www.elcomsoft.com/archpr.html

#3 tao_of_pi

tao_of_pi

    SUP3R 31337 P1MP

  • Members
  • 290 posts
  • Gender:Male
  • Location:the vast 605

Posted 07 June 2008 - 02:35 PM

I have a pirated copy of a program called "Passware" (I think), it has a bruteforcer that works for WinRAR. But BF attacks are kind of slow.

#4 jabzor

jabzor

    hax?

  • Agents of the Revolution
  • 1,146 posts
  • Country:
  • Gender:Male
  • Location:Northern Elbonia, fighting the lefties

Posted 07 June 2008 - 07:58 PM

I have a pirated copy of a program called "Passware" (I think), it has a bruteforcer that works for WinRAR. But BF attacks are kind of slow.

Might want to rephrase that. ;)

Regardless, Passware is a company that offers a number of utils including RAR Key or Passware Enterprise Kit that includes RAR Key as one of its components.

RAR Key can use Passwares patented/proprietary Xieve optimization algorithm to greatly speed up the brute-force of low-character length passwords.
Elcomsoft ARPR however will let you speed up the decryption if you know the first few bytes of an encrypted file (all windows 32bit exes start with MZ for example), but may choke on multi-part archives.

Either way, if the password is of any length you are generally screwed without massive computing power at your disposal or some inside knowledge as unlike the original zip archives you will not exhaust the key-space easily.
You are best off trying to find the password from where you acquired the file originally or building a list of possible strings to try in different variations and modifications (similar to services used by the feds, where they build a dictionary from all plain-text strings they can recover from a computer when they are looking to decrypt files on that computer).

If you do have a lot of computing power at your disposal, Elcomsoft Distributed Password Recovery is also fun to play around with and supports among other things RAR archives. That or submit your file to one of the commercial cracking websites that will attempt to break the file for a fee. ;)




BinRev is hosted by the great people at Lunarpages!